Skip to content

Entries tagged "kernel".

Get more info about dying processes and run some scripts as well while you're at it

This is sheer coolness. I fuckin love the kernel guys.
Read this article to find out how to get more info about dying processes and how you can run some scripts before they get killed.

Newer kernel for Centos

Want to try the latest kernel on a Centos server? Although that is highly unadvisable, in the desperate and cataclismic event that you really need it, do not forget to enable CONFIG_SYSFS_DEPRECATED_V2, otherwise you'll end up in a kernel panic.
Thanks Toracat for the tip!

Hide other users' processes in Linux

And at last we have the equivalent of security.bsd.see_other_uids in Linux without the need to mess around with grsecurity! This is a security feature I've waited to land in Linux for a LONG time.
This characteristic can be enabled if you have kernel 3.3 (EL6/rhel/centos users can get it from here - thanks ajb!), but hopefully RedHat and other distributions will backport this feature in their kernels, too. The required patches are here and here.

So, how it works? Simple:
- mount /proc with the option "hidepid=1" to stop a regular user to see other processes but his when doing `ps` or `top`
- mount /proc with the option "hidepid=2" to not only stop the user from seeing other processes, but also disables the user's capacity to list /proc/$PIDs that are not his
- mount /proc with the option "hidepid=0" to go back to standard behaviour, all users can see all processes - this is the default
- there is also the "gid=xxx" mount option that lets the specified gid see all processes, even when hidepid is set to 1 or 2

You can read more about it here.

Enjoy!

Long Term supported kernel in ElRepo for RHEL and the clones

The good people at elrepo.org just announced on their blog that in addition to the kernel-ml, tracking the current mainline kernel, we now also have kernel-lt (!!!) tracking the current long term supported mainline kernel.

So if you feel like going a bit more bleeding edge, but not too much, then kernel-lt is for you!